Analysis
-
max time kernel
148s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240802-en -
resource tags
-
submitted
09/09/2024, 18:44
General
-
Target
d6e4f080d00704dd5d45532a45e5acf7_JaffaCakes118.exe
-
Size
424KB
-
MD5
d6e4f080d00704dd5d45532a45e5acf7
-
SHA1
b169e60b9c8ee919a42d0bb1680ffcf4c37828bb
-
SHA256
3c5cca3d4276485b95b61ffb172e36b9200ba1a979edfd8bcbd26ce2a8bc3bd8
-
SHA512
9ca48e1927a3bb04c36b6545020e34f963877d9f89752ed8e4cb589b144bedbf4a4d45ec17792644dcc58a7e6466646321a82416cb242c5d94b95a47479ba9f7
-
SSDEEP
6144:zLKOPGDPuZDGYh3GTFDRQOLxmFRjCQg8tNALsooREP5zWpUYlDLtsgpyRqqzBxwF:6OuruZDoJ68O+gNAwVuYlnK8q1x
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
Processes
-
C:\Users\Admin\AppData\Local\Temp\d6e4f080d00704dd5d45532a45e5acf7_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\d6e4f080d00704dd5d45532a45e5acf7_JaffaCakes118.exe"1⤵
- System Location Discovery: System Language Discovery
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3720 -s 5482⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 436 -p 3720 -ip 37201⤵
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
8KB
-
Filesize
800KB